DNS hijacking risks

You need to know your IP address to connect to internet sites. It's easier for users, however, to remember domain names (the letters comprising the site address) than to remember the string of numbers that make up the IP address. DNS is a widely-used system for getting the IP addresses that correspond to domain names.

When a user enters a website address, this is what happens:

The browser sends a request specifying the domain to a special DNS server.

The DNS server returns a response with the appropriate physical IP address.

Attention. The DNS-server request and response are transmitted openly, without encryption.

The lack of encryption means that:

The internet provider or network administrator can find out which sites a user is visiting.

Attackers can tamper with the response from the DNS server and redirect the user to a malicious site. For example, instead of going to a bank's website, a user might end up on a fake site that steals passwords.